Cloud Security Architect


UK Wide – With Travel

Who you’ll be working with

You will be working within our Cyber Security Unit (“CSU”) which brings together 2,500 professionals to help define and implement our clients’ cybersecurity strategies. We protect their IT, industrial systems and the ever growing number of products and systems enabled by the Internet of Things (IoT). We also strengthen their defences, optimize their investments and control their risks. Our CSU include security experts (e.g. specialists in infrastructure, applications, endpoints and identity and access management), a research and development team (whose members specialize in malware analysis and forensics), ethical hackers, five multi-tenant security operation centers (SOC) in different parts of the world, and an Information Technology Security Evaluation Facility.

The focus for your role

As a Cloud Security Architect you will be in a technical, client-facing role, supporting and guiding clients in their experience with Capgemini’s Cloud Choice security solutions and services.

You will be responsible for ensuring timely responses to our clients’ Request for Proposals (RFPs) and questionnaires. You will collaborate with our business units, partners and legal teams to refine service agreements and service descriptions aligned with Capgemini’s Cloud Choice security strategy and policies. You will also share your knowledge and play an important role in developing our other consultants and our graduate community to ensure our CSU’s Cloud security skills and capability continues to grow.

What you’ll do:

  • Help clients create and develop enterprise security use cases which align to their organisational security strategy and Cloud security baseline.
  • Design, develop and build security reference architectures for public, private, and hybrid cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
  • Act as an ambassador and senior technical representative for Capgemini Cloud security (e.g. engaging with senior technical leaders in our clients’ organisations to design and implement Cloud and Cloud hybrid based solutions.
  • Work with Capgemini’s Business Consulting, Infrastructure Services, and Application Development business units to develop standards, choose appropriate technology solutions and enable complete integration of our clients’ environments.
  • Lead training and technical forums, serve as a mentor and execute other initiatives designed to share knowledge with other people and teams.
  • Identify, recommend and co-ordinate training sessions to deliver the knowledge other teams need about security-relevant technologies, processes and tools.

What you’ll bring:

  • A firm understanding of the cloud delivery, security and deployment models for IaaS, PaaS and SaaS and up-and-coming Account – System – Server – Services hierarchy (AssS) service offerings provided by Amazon Web Services (AWS) and Microsoft Azure platforms.
  • A firm understanding of the security, configuration and deployment requirements for SaaS offerings (such as Salesforce) is highly desirable.
  • Proven ability to design and implement secure cloud architectures and designs that meet clients’ business requirements and incorporate appropriate and sustainable security controls and risk reductions.
  • Technical knowledge in routing, firewall policy, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), secure credential management, virtualisation, service oriented architecture (SOA), Secure DevOps (SecDevOps), operational practices, micro services architecture and database design.
  • Experience in designing and implementing MS O365 SaaS service offerings for clients, including areas such as:
    • Enterprise network transformation requirements
    • Express route/resilient IPS connectivity design
    • Cloud based proxies/WAFs
    • Security controls for Cloud and endpoint services
    • Cloud Access Security Broker (CASB) into SaaS services
    • Encryption gateways, API firewalls, etc
    • Integration of CASB to SOC/SIEM services
  • Experience with assessing, developing, designing, implementing, operationalizing and documenting a comprehensive set of security technologies and processes within SaaS, IaaS, PaaS, and other cloud environments, such as:
    • Secure software development (application security)
    • Infrastructure security (network & endpoint)
    • Data protection (cryptography & key management, DLP, etc)
    • Identity and access management (IAM, IDaaS, etc)
  • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
  • Experience with service-oriented architecture for cloud-based services.
  • Experience working with cloud security and governance tools, CASBs and server and network virtualization technologies such as SDN.
  • Experience with enterprise applications (architecture, development, support, and troubleshooting).
  • Experience performing threat modelling and design reviews to assess security implications and requirements that accompany the introduction of new technologies. This includes knowledge of CSA, OWASP and other Industry Cloud Security Frameworks.
  • Experience in presenting technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
  • Ability to work independently with minimal direction (self-starting and motivated)
  • Experience with deployment orchestration, automation, and security configuration management (Puppet, Chef, Docker, etc.) preferred.

What we’ll offer you

Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.

Why we’re different

At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.

Capgemini is proud to represent nearly 130 nationalities and its cultural diversity. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality.  These dimensions contribute to the type of diversity we value the most: diversity of thought.

We want to make sure that we find the right people to work in our teams, and we know that working full-time isn’t necessarily right for everyone. So we’d love to hear from you if you feel you’re a great fit for this role, and would like to work flexibly. As an example, some of our team members work four days a week, but travel across the UK during their working days. Or you might prefer to work three days a week (in a job share scenario) with travel limited to Greater London. If you are the right person for this role, we’ll find the right working approach for you.



Posted on:

November 2, 2018

Experience level:

Experienced Professional

Education level:

(i)GCSE or equivalent

Contract type:

Permanent Full Time


Any UK Base

Business units:





By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.


Close cookie information